About 1 percent of email traffic, which totals about 3 billion emails per day, is made up of phishing attack schemes. Multiply that number by the average cost of a data breach, which IBM reports is $4.45 million, and you will understand why email security is such a vital service to offer your customers.
Doesn’t All Antivirus Provide Email Security?
There are two primary methods of stopping malware delivered via email. The first is at the endpoint with an antivirus/antimalware/endpoint security solution. While these solutions can prevent the execution of malicious code (by scanning email attachments and monitoring embedded hyperlinks), an important consideration is that, at that point, something bad has already made it into the network at the endpoint. The second form of protection is an email security solution that monitors all incoming (and even outgoing) emails for malicious payloads and links, taking a quarantine action before anything bad ever reaches the endpoint.
Previously, XaaS Journal compared a few different endpoint security products. In this comparison, we’ll look at email security solutions from Avast, Barracuda, Bitdefender, and VIPRE, which address email security before the endpoint.
Core Functionality, Pricing
We asked each vendor to explain how their software functions, what platforms are supported, and how pricing is structured.
Avast Email Security is a cloud-based solution that works with hosted Exchange or on-premises, as well as IMAP/POP3 email. All incoming mail is directed through Avast’s cloud security network and data centers, where the company scans email for spam, viruses, phishing, and other attacks. Suspicious email is held in quarantine in Avast’s network, where it is analyzed. Users receive a report including the recently blocked emails and can view the quarantined ones in real time. Clean email is automatically forwarded to the server for delivery.
Avast offers a pay-as-you-go model so MSPs can adopt the email security service without long-term contracts or commitments. The service can be turned on or off as needed. Additionally, there is no minimum commitment. The options within the Email Security act as “a la carte” services of Antispam, Archiving, and Email Encryption so businesses can mix and match as needed.
Bitdefender GravityZone Security for Email protects all email service providers and supports hybrid environments using Microsoft Exchange Server (on-premises), Microsoft Exchange Online, Microsoft 365, or Google Gmail. Security for Exchange scans Email traffic in real-time as it passes through Microsoft Exchange servers using transport agents before it reaches intended recipients’ mailboxes. Bitdefender GravityZone Security for Email is independent of a mail server and deploys by modifying the MX record to integrate with any email server an organization uses. The process is similar to a gateway deployment, in which all incoming and outgoing emails are routed through the Bitdefender email service in the cloud. The integration is seamless with cloud-based email servers like Microsoft 365, Exchange Online, or Gmail. Bitdefender Security for Exchange and Security for Email service provides comprehensive security features, including antimalware, antispam, antiphishing, attachment, and content filtering. Pricing is based on the number of protected mailboxes; there is no minimum commitment.
Barracuda Email Protection is a cloud-based solution for organizations that want to protect their businesses, brands, and people against the most advanced email-borne threats. Barracuda Email Protection is a comprehensive, easy-to-use solution that delivers gateway defense, AI-based impersonation and phishing protection, incident response, data protection, and compliance capabilities.
VIPRE Email Security Cloud is a cloud-based solution that can protect Microsoft Outlook, Lotus Notes, Office 365, and Google Apps. Email is scanned before the endpoint twice. Once at the beginning of the email journey and again after additional machine learning and image analysis. Pricing is per mailbox (not disclosed), with a one-year commitment.
Phishing Protection
Solutions include features that specifically protect users from phishing:
Bitdefender
Antiphishing protection is included in Bitdefender GravityZone Security for Email. Inbound email redirected through the solution undergoes connection and message filtering, where it’s checked for malware, spam, spoofing and evaluated against threat intelligence and other factors, then quarantined or, if safe, forwarded to the company’s mail server.
Barracuda
Barracuda Email Protection defends against business email compromise, account takeover, spear phishing, and other personalized attacks by combining email gateway with direct API integration into your Office 365 environment. This integration provides visibility into the internal, external, and historical email communication used in training machine learning models to identify phishing and other advanced threats. Barracuda’s AI will identify and block attacks in real time without impacting email or network performance.
Avast
When asked about its phishing protection, Avast reported that the functionality exists and suspicious email is held in quarantine.
VIPRE
The VIPRE Email Security Cloud offering includes automatic bad URL detection and defense against links becoming weaponized after they pass through spam and virus filters. It also provides click-time protection for links embedded in emails. Original URLs embedded in an email are replaced with a temporary one that is revalidated when the user clicks on it to ensure that the target site is not malicious. This click-time re-validation helps to ensure that users don’t intentionally or accidentally attempt to visit places that could steal their data, corrupt their machines, or invade their privacy.
Malicious Links
Because distracted users may accidentally click a link or a sophisticated phishing scheme may convince users to click, email security is designed to detect malicious links and mitigate this threat.
Bitdefender
Bitdefender’s solution filters out and quarantines messages that contain malware, spam, malicious URLs, and other factors based on custom rules.
Barracuda
Barracuda Email Protection also includes Link Protection. A common method attackers use to deliver malware relies on URLs containing malicious code, which can be invisibly downloaded and trigger a much larger attack. Link Protection automatically rewrites these URLs so that Barracuda Email Protection can sandbox the malicious request and block the link.
Avast
Avast shared that malicious links are analyzed and quarantined.
VIPRE
As reported above, VIPRE’s phishing features provide click-time protection that validates links and protects users.
Malware Protection
Email security solutions also address threats from malware:
Bitdefender
Bitdefender takes a multi-layer approach, using signature and behavior-based antivirus and antispam to detect all types of threats, including zero-day variants.
Barracuda
Barracuda Email Protection leverages the cloud for dynamic, real-time threat analysis, attachment sandboxing, and URL protection to prevent malware from affecting email users.
VIPRE
VIPRE Email Security addresses malware before the endpoint with scanning technology, behavioral analysis, and URL rewriting. Malware protection is picked up again at the endpoint after the email pipeline of security is complete. VIPRE also offers attachment threat protection to safeguard email attachments from malicious and zero-day threats and in-transit encryption to protect confidential emails and attachments.
Avast
Avast again reported that malware protection exists and suspicious email is held in quarantine.
Spam Protection
Filtering spam can lead to greater productivity and security. Email security solutions with spam protection include:
Bitdefender
With Bitdefender, incoming email is automatically filtered for spam using a multi-layered spam detection filter, local signatures, URL database filter, heuristic filter, and RBL lists. Antispam protection can also be configured for outbound email traffic (more on that in the next section). Trusted email addresses or domains can be whitelisted. The solution integrates with Microsoft Exchange SCL.
Barracuda
Barracuda quickly filters and sanitizes every email before it’s delivered to your mail server to protect you from email-borne threats. Using virus scanning, spam scoring, real-time intent analysis, URL link protection, reputation checks, and other techniques, Barracuda provides you with the best possible level of protection. Barracuda Central, a global 24×7 threat operations center, constantly monitors the internet for new threats across all attack vectors and feeds this intelligence into email filtering technology.
VIPRE
VIPRE Email Security uses an antispam engine that identifies and quarantines spam at a 99.9 percent efficiency rate, according to the company.
Encryption, Outbound Email Protection
Today, it’s essential to protect your customers from inbound threats and prevent outbound threats that can risk their domain being placed on a block list.
Avast
Avast Business Encrypted Email is a cloud-based email security service that automatically encrypts all outbound emails sent through its customer’s network. Through its inbox-to-inbox communication, sender-recipient authentication is not required, and users do not need to build and maintain their own encryption keys. Customers can set policy rules that identify sensitive content and automatically encrypt emails to meet defined criteria.
Bitdefender
Bitdefender’s email security solution includes TLS/opportunistic TLS, enforcing TLS encryption, and restricting communication with other email servers that do not support TLS protocol.
Barracuda
Barracuda Email Protection secures mail by encrypting it during transport to the Barracuda Message Center, encrypting it at rest for storage in the cloud, and providing secure retrieval by recipients through HTTPS web access. Data in motion is secured via Transport Layer Security (TLS), and data at rest is secured via AES 256-bit encryption.
Sensitive emails can be marked manually for encryption. However, creating a policy to automatically encrypt emails based on their sender, content, and other criteria is also possible. Encryption policies ensure organizations comply with regulations designed to protect customer data, such as HIPAA. Finally, using a subset of its defense layers, Barracuda Email Protection outbound filtering stops outbound spam and viruses.
VIPRE
As part of VIPRE’s upcoming May update, the company reports that its email security solution will leverage encrypted point-to-point data transmission and a secure user portal to ensure that only the right users get the right message every time.
Archiving
Email security solutions with archiving functionality include:
Bitdefender
GravityZone Email Security log data is archived automatically after 90 days and can be downloaded from the console for the next 12 months.
Avast
Avast Business Email Archive is a secure cloud-based solution that integrates seamlessly with your customers’ existing email infrastructure. It automatically routes all incoming, outgoing, and internal emails through the Avast Business Email Archive gateway so every message can be safely stored, searched for, and recovered to individual desktops.
Barracuda
Barracuda Email Protection provides a cloud-based archive of all email communication. It follows the accepted “best practice” approach for compliance by archiving an original copy of every email into a separate immutable store for long-term retention and preservation.
Compliance and eDiscovery capabilities provided within Office 365 may be adequate for some organizations. Still, Microsoft’s “in-place” approach for long-term email retention and preservation means these capabilities have inherent limitations. They can be complex and expensive to operate and are unlikely to meet the needs of organizations with more demanding compliance and discovery requirements.
Barracuda’s solution includes a cloud-based, indexed archive separate from Microsoft 365 that allows for granular retention policies, extensive search, auditing, permissions, legal hold, and export of emails that may be required in eDiscovery. Litigation holds preserve email from being tampered with until the litigation hold expires or is removed.
VIPRE
VIPRE’s April 2020 update includes email archiving with custom management rules that are fully indexed and searchable. Archiving includes unlimited storage of every email message sent to or from an organization, allowing customers to easily track down precisely what was said in business conversations from years ago.
Closing Thoughts
As with all our comparisons, we can’t choose which product is best for you. It’s clear, however, that each vendor we covered has put a lot of effort into their solutions. Since criminals are constantly refining their strategies, we know these products will continue to evolve. We plan to update this comparison as new features are released. We also plan to expand the field to the other vendors who could not make our deadline.
